Posts Tagged ‘Vulnerability’

Cracking BlackBerry backups is now slower… but still possible, thx to GPU acceleration

Friday, December 24th, 2010

If you have read our recent Cracking BlackBerry Backup Passwords article, you should be familiar with encryption implemented in BlackBerry Desktop Software. Just reminding:

In short, standard key-derivation function, PBKDF2, is used in a very strange way, to say the least. Where Apple has used 2’000 iterations in iOS 3.x, and 10’000 iterations in iOS 4.x, BlackBerry uses only one.

So password verification is (was) so fast/simple that we did not care about implementing it on the GPU — modern CPU is able to crack almost 8 million passwords per second (thanks to multi-threading and AES-NI). We would not call that the vulnerability, but still the weak link.

But new versions of BlackBerry Desktop Software have been released reсently (6.0 for Windows and 2.0 for Mac). And as always, there are bad news and there are good news.
(more…)

Military Strike Fighter F-35 Materials Hacked

Tuesday, April 21st, 2009

As posted by Rosalie Marshall in her today’s article, secret F-35 military plane design materials have been stolen presumably by Chinese hackers (?):

The hackers copied data relating to the aircraft system design by exploiting network vulnerabilities in computer infrastructure belonging to contractors helping to build the new planes.

They gave no more detail on network vulnerabilities revealed by intruders except for the fact that only online computers could be attacked and so more important information (stored on offline machines) remained intact.